JP2005204232A - Network system, access point device, terminal communication module, access control method, access control program, and recording medium recording access control program therein - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a network system, an access point device, a terminal communication module, an access control method, an access control program, and a recoding medium recording an access control program which can be managed easily, can prevent an unauthorized access, and can improve security by compensating vulnerability of an encoding method in a wireless network. <P>SOLUTION: A network system 1 connecting by air a terminal 4 to a wired network 7 through an access point 3 is provided with a position detector 5 detecting position information of each terminal 4, and a position information management device 6 managing the detected position information. A wireless connection to the wired network 7 is permitted to the terminal 4 determined to be exist in a service area 8, and a wireless connection is prohibited to the terminal outside the service area 8. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a network system, an access point device, a terminal communication module, an access control method, an access control program, and a recording medium on which an access control program is recorded that prevents unauthorized access to a network and improves security.

  In recent years, with the price reduction of personal computers, computer devices are generally spread as devices that are used on a daily basis. The computer device referred to here includes a desktop computer that is almost fixedly used on a desktop or the like, a notebook computer that emphasizes portability, a PDA (Personal Digital Assistant), and the like.

  In many cases, these computer devices transmit and receive information via a network. Information transmitted and received through the network in this way includes information that is difficult to leak to the outside, such as a cash card ID or a confidential document in a company. Therefore, high reliability is required for the security of the system constituting the network.

  On the other hand, a network configuration for transmitting and receiving data using a wireless LAN module has recently become widespread. In data transmission / reception using a wireless LAN module, if communication is established between a wireless communication module on the terminal side and a wireless base station (hereinafter referred to as an access point) connected to the network, a computer device serving as a terminal Data can be transmitted and received by accessing the network from any location. For this reason, there is a merit that it is freed from the troublesomeness of wiring, and it is attracting attention not only for home use by general users, but also for office use in companies where many computer devices must be connected.

  However, these degrees of freedom conversely cause a demerit that enables unauthorized access from any place. Generally, wireless communication has no directivity and is easy to intercept. For this reason, there are problems such as intercepting transmission / reception of information between the terminal communication module and the access point, or improper use of the network by impersonating a legitimate terminal from a terminal that is not allowed to access the network. . When information is intercepted, important information leaks, and in the case of unauthorized use by impersonation, it is misused as a base for unauthorized access to other systems on the network.

  Thus, a number of security technologies that have responded to these problems have been proposed. For example, in a method called WEP (Wired Equivalent Privacy), data is encrypted using a 64-bit or 128-bit common key, information leakage due to interception is prevented, and errors and data tampering are checked to prevent unauthorized connection. . However, since the common key is constant in this method, there is a problem that once the encryption key is leaked, the data is easily decrypted. In fact, it has been shown that in WEP communication, a common key can be estimated and decrypted from communication data intercepted by various methods.

  In a method called MAC (Media Access Control) Address Filtering, regular access is recognized using a MAC address set for each network communication module. For a communication module that permits access in advance, its MAC address is registered in an access point or server, and access to the network is prohibited for a communication module having a MAC address that is not registered. However, since it is easy to falsify the MAC address itself, the security level by this method is not high. In addition to the MAC address, a method of previously registering the serial number of the communication terminal in the access point has also been proposed (see, for example, Patent Document 1), but registration is required for each access point, and there is a problem with the security level. In addition, there is also annoying management.

Therefore, recently, a method for realizing more robust security by combining a plurality of methods has been proposed. For example, there is WPA (Wireless Protected Access) that combines IEEE 802.1x and TKIP (Temporal Key Integrity Protocol). In this method, first, the authentication method of the terminal to be accessed and the common key distribution method for encryption are realized by IEEE 802.1x. Specifically, the user is authenticated using an electronic certificate and a user authentication server distributed in advance for each terminal. Distribute a different common key for each authenticated user. Since the new common key is redistributed only to users who have been authenticated after a certain period of time, even if the common key is leaked, the communication of a specific user for a certain period of time will be intercepted, minimizing damage. Can be suppressed. TKIP is an encryption algorithm that improves the vulnerability of WEP. The combination of the above two methods realizes more reliable data transmission / reception that eliminates unauthorized access.
JP 2001-320373 A

  However, in the conventional system as described above, unauthorized access cannot be prevented if an electronic certificate, ID, or password that has been distributed and registered in advance is leaked. In particular, since IDs and passwords are assisted by the user, it is easy to guess a password by an unauthorized method or to leak outside due to careless handling. Furthermore, it is impossible to deal with unauthorized access from the outside when a device in which a regular electronic certificate is stored is stolen. In addition, since pre-registration is required, there is a problem in management in a use scene where new subscriptions and temporary use are frequent.

  In view of such a problem of the prior art, the object of the present invention is to use the dynamic location information of a device that performs communication, thereby preventing unauthorized access to the network while being easy to manage, and an encryption method Providing a network system, an access point device, a terminal communication module, an access control method, an access control program, and a recording medium on which the access control program is recorded. is there.

  In order to achieve the above object, a network system according to the present invention is a network system in which a terminal is wirelessly connected to a network via an access point device, a position detector that detects position information of each terminal, and a detection by the position detector. And a location information management device that manages location information of each terminal, and the access point device connects each terminal to the network based on the location information of each terminal managed by the location information management device. It is characterized by controlling.

  Here, the control of the connection to the network is, for example, each terminal determined to exist outside the predetermined area by permitting connection to the network for each terminal determined to exist within the predetermined area. The terminal is prohibited from connecting to the network, but is not limited to such control. In addition, within the predetermined area, for example, if it is used within the company, it is within the company premises, and if it is used within a specific department of the company, the room of the department is mentioned. It is not limited.

  According to the network system of the present invention, the connection to the network is controlled based on the location information of the terminal, and the connection to the network can be performed only for the terminal existing at a position where the connection may be permitted. As a result, it is not necessary to register a terminal that permits network connection in advance, so there is no troublesome management. Even when a terminal is lost or stolen, unauthorized access from the outside can be blocked in order to determine whether or not access is possible based on location information, and security can be maintained high.

  In the network system of the present invention, the access point device and each terminal may each have an encryption communication unit.

  According to the network system of the present invention, the communication between the access point device and each terminal is encrypted, so the safety is improved.

  In the network system of the present invention, the access point device transmits different encryption key information for each terminal to each terminal, and updates the encryption key information every time a predetermined time elapses and re-transmits the information to each terminal. The access point device controls retransmission of the updated encryption key information to each terminal based on the location information of each terminal managed by the location information management device. It is good.

  Here, the control of retransmission of the updated encryption key information to each terminal means, for example, that each terminal determined to exist within a predetermined area is permitted to retransmit the updated encryption key information. Although it is prohibited to retransmit the updated encryption key information to each terminal determined to exist outside the predetermined area, the present invention is not limited to such control.

  According to the network system of the present invention, the encryption key for communication between the access point device and each terminal is periodically updated every predetermined time, and the re-transmission of the updated encryption key is transmitted to the terminal location information. The updated encryption key is retransmitted only to a terminal that exists in a location where connection is permitted. As a result, even when the encryption key is leaked, the time during which unauthorized access may be performed can be limited, and the risk can be minimized. In addition, even when the terminal moves and moves out of a predetermined area after the encrypted communication is established, connection to the network can be prohibited and security can be improved.

  In the network system of the present invention, a plurality of the position detectors may exist. In the network system of the present invention, only one position detector may be present.

  Here, examples of the position detector include a distance sensor and a direction sensor, but are not limited thereto.

  According to the network system of the present invention, when a plurality of position detectors are used, the position of the terminal can be specified more strictly. As a result, it is possible to cope with a case where an area with a physically high security level and an area with a low security level are in contact. Further, when only one position detector is used, the position detection accuracy of the terminal is simplified, but the configuration of the network system is simplified. As a result, the cost of the entire network system can be reduced, and the placement work of the position detector can be facilitated.

  In the network system of the present invention, the access point device may include the location information management device. In the network system of the present invention, the access point device may include the position detector.

  According to the network system of the present invention, since the access point device incorporates the location information management device, the access point device and the location information management device can be combined into one device. Thereby, the structure of a network system can be simplified and cost can be reduced. Furthermore, when the position detector is also built in this single device, the configuration of the network system can be further simplified and the cost can be further reduced.

  In the network system of the present invention, each terminal may include a transmitter that transmits a signal for position detection by the position detector.

  Here, the transmitter may transmit a signal periodically at a predetermined time interval, or may transmit a signal irregularly as necessary. The signal transmitted from the transmitter preferably includes a unique identification signal for each terminal. For example, a public key of a public key cryptosystem may be included.

  According to the network system of the present invention, the position of each terminal can be reliably detected. As a result, wireless communication with a high security level can be realized without bothering management. If the transmission of the signal from the transmitter is performed at a predetermined time interval, the power consumption of the transmitter can be greatly reduced.

  In the network system of the present invention, the transmitter may transmit a signal by radio waves.

  According to the network system of the present invention, the radio wave from the transmitter can be reached even if there is any obstacle between each terminal and the access point device. As a result, even a place where shelves or the like are complicated, or a space partitioned by partitions or walls, can be managed as a predetermined area that allows access to the network.

  In the network system of the present invention, the transmitter may transmit a signal by infrared rays.

  According to the network system of the present invention, the infrared rays from the transmitter do not pass through the walls. As a result, it is possible to limit the predetermined area where access is permitted to one room, and the security level can be improved. In addition, if the present invention is applied to a network system in which only one position detector is used and the position detection accuracy of the terminal is simplified, a signal will not reach from an unexpected region, so that the security level can be maintained. Can do.

  The type of signal from the transmitter need not be limited to one, and a network system can be constructed by using a plurality of types of signals in combination. This also makes it possible to construct an optimal network system by combining the features.

  Or the access point apparatus of this invention is an access point apparatus in the above-mentioned network system.

  According to the access point device of the present invention, the access point device can be used in the construction of the network system having the above-described features.

  Or the communication module for terminals of this invention is a communication module for terminals used by each terminal in the above-mentioned network system, Comprising: It has a transmitter which transmits the signal for the position detection by the said position detector. Features.

  Here, the terminal communication module includes, for example, a wireless LAN card that can be installed in a PC card slot if the terminal is a notebook personal computer, but is not limited thereto. A type that is attached to the outside of the terminal to be integrated, or a type that is connected by a cable or the like may be used. Further, it may be built in the terminal body in advance. The transmitter may transmit a signal periodically at a predetermined time interval, or may transmit a signal irregularly as necessary. Examples of the transmitter include a transmitter that transmits a signal by radio waves or infrared rays, but is not limited thereto. The signal transmitted from the transmitter preferably includes a unique identification signal for each terminal. For example, a public key of a public key cryptosystem may be included.

  According to the terminal communication module of the present invention, a terminal usable in the network system having the above-described features can be easily prepared by mounting or connecting the terminal communication module to the terminal. Implementation of the network system of the present invention is also facilitated. Moreover, since the position detection of the communication module for terminals can be performed reliably, the position of each terminal can be reliably grasped. As a result, wireless communication with a high security level can be realized without bothering management.

  Alternatively, the access control method of the present invention is an access control method in a network system in which a terminal is wirelessly connected to a network via an access point device, and detects the position of each terminal and whether or not it exists within a predetermined area. And a permission step for permitting access to the network only for a terminal determined to be present in the predetermined area.

  According to the access control method of the present invention, the connection to the network is controlled based on the location information of the terminal, and the connection to the network can be performed only for the terminal existing at a position where the connection may be permitted. . As a result, it is not necessary to register a terminal that permits network connection in advance, so there is no troublesome management. Further, even when a terminal or a terminal communication module is lost or stolen, unauthorized access from the outside can be blocked to determine whether access is possible or not based on position information, and security can be kept high.

  In the access control method of the present invention, in the determining step, the position of a terminal having a unique public key is detected to determine whether the terminal exists in the predetermined area, and the access permission A step of generating a common key for communication with the terminal determined to exist within the predetermined area; and an encryption step of encrypting the common key with the public key unique to the terminal; A common key transmission step for transmitting the common key encrypted in the encryption step; and a communication step for performing encrypted communication with the terminal using the common key transmitted in the common key transmission step. It may be characterized by having.

  According to the access control method of the present invention, the encrypted common key is transmitted based on the location information of the terminal, and the encrypted common key is transmitted only to the terminal located at a position where the connection may be permitted. Send. Thereby, security can be improved more.

  Or the access control program of this invention makes a computer perform the said access control method, It is characterized by the above-mentioned.

  According to the access control program of the present invention, the access control method of the present invention can be realized anywhere as long as there is a computer environment capable of executing the program. Furthermore, if this access control program can be executed by a general-purpose one-chip microcomputer or the like, an access point device capable of executing the access control method of the present invention, and a network system including such an access point device Development and manufacturing of the

  Or the recording medium which recorded the access control program of this invention is a computer-readable recording medium, Comprising: The said access control program is recorded, It is characterized by the above-mentioned.

  According to the recording medium recording the access control program of the present invention, the access control method of the present invention can be easily realized in various places and environments, and the versatility of the access control method of the present invention can be enhanced. .

  According to the network system and the access control method of the present invention, the connection to the network is controlled based on the location information of the terminal, and the connection to the network is performed only for the terminal that exists in a position where the connection may be permitted. be able to. As a result, it is not necessary to register a terminal that permits network connection in advance, so there is no troublesome management. Even when a terminal is lost or stolen, unauthorized access from the outside can be blocked in order to determine whether or not access is possible based on location information, and security can be maintained high. Further, by using the access point device and the terminal communication module of the present invention, the network system of the present invention can be easily realized.

  Further, the access control program of the present invention facilitates the development and manufacture of an access point device capable of executing the access control method of the present invention and a network system including such an access point device.

  Moreover, the access control program of the present invention makes it easy to implement the access control method of the present invention in various places and environments, and can enhance the versatility of the access control method of the present invention.

  The present invention proposes a method of dynamically acquiring user (computer device) location information and authenticating a terminal based on the location information. This saves the trouble of registration by the administrator and prohibits access unless it is in the area designated in advance, so that unauthorized access from outside can be blocked and the security level can be improved.

  When considering the use of a general computer device, an authorized user is in a certain area and connects the computer device to a network. There is usually some kind of security before entering this area, and entering these areas without such security is sufficiently high compared to intercepting radio waves leaking outside. .

  For example, in the case of a company, visitors are first checked when entering a company building. Furthermore, in order to enter a room, in many cases, some ID or password is required. Also, if a suspicious person stays in the room for a long time, other employees may notice it. Therefore, it can be said that the fact that the user is in the room and accessing the network assures the identity of the user to some extent.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

<First Embodiment>
FIG. 1 is a schematic configuration diagram of a network system 1 according to the first embodiment of the present invention.

  As shown in FIG. 1, a network system 1 includes a network server 2 that intervenes in connection with a wired network 7 (such as a LAN or WAN), and an access point 3 that is connected to the network server 2 and serves as a base unit of a wireless network And at least one terminal 4 (computer device) that can be a slave unit of the wireless network, at least one position detection sensor 5 that detects position information of the terminal 4, an access point 3, and a position detection sensor 5 And a position management server 6 that manages the position information of the terminal 4 detected by the position detection sensor 5.

  Here, the terminal 4 has a terminal communication module (not shown), and the terminal communication module can perform encrypted communication 10 with the wired network 7 via the access point 3. It has become. Examples of the terminal communication module include, but are not limited to, a wireless LAN card that can be mounted in a PC card slot if the terminal 4 is a notebook personal computer. A type that is attached to the outside of the terminal 4 to be integrated, or a type that is connected by a cable or the like may be used. If the terminal communication module has a general-purpose interface for the computer device used as the terminal 4, the terminal 4 usable in the network system of the present invention can be obtained simply by using such a terminal communication module. Can be easily prepared. Further, such a terminal communication module may be built in the terminal 4 body in advance. A configuration example of such a terminal communication module will be described later with reference to FIG. In FIG. 1, the access point 3 is connected to the wired network 7 via the network server 2, but the network server 2 or its function may be built in the access point 3. Alternatively, the access point 3 may be directly connected to the wired network 7. A configuration example of the access point 3 will be described later with reference to FIG.

  In this network system 1, the position information of each terminal 4 is detected by each position detection sensor 5, and the position information is managed by the position management server 6. In order to acquire the position information of each terminal 4, a technique called LPS (Local Positioning System, details will be described later) is used. Specifically, for example, the position of each terminal 4 may be detected using a plurality of distance sensors, or the position of each terminal 4 may be detected using a plurality of direction sensors. By doing in this way, it becomes possible to detect the position of each terminal 4 dynamically. The terminal communication module included in each terminal 4 incorporates a beacon (details will be described later) for transmitting a signal for informing the position detection sensor 5 of its own position. In order for the position detection sensor 5 to identify each terminal 4 and reliably detect each position, for example, it is preferable that a unique identification signal is included in a signal transmitted from a beacon. Here, the public key of the public key cryptosystem of each terminal 4 is included in the signal transmitted from this beacon, so that the position management server 6 side identifies each terminal 4 and identifies each position. Is possible.

  The location management server 6 determines whether or not each terminal 4 is in an area 8 (hereinafter referred to as “service area 8”) designated in advance based on the location information of each terminal 4. Based on the determination result, the access point 3 distributes the common key K1 necessary for access to the wireless network to the terminal 4 determined to be in the service area 8. On the other hand, unauthorized access is blocked from the terminal 4 determined to be outside the service area 8 by not distributing the common key K1. Further, when redistribution is performed by changing the common key K1 according to the user and time, information leakage is prevented by not redistributing the terminal 4 outside the service area 8. Here, since the common key K1 is encrypted with the public key for each terminal 4 and distributed to each terminal 4, the data flowing on the wireless network is different for each terminal 4.

  In FIG. 1, a plurality of position detection sensors 5 are illustrated. However, when accuracy is not particularly required for the position information of each terminal 4 to be acquired, for example, only one distance sensor is used, and the distance is determined. The service area 8 may be defined based only on the distance from the sensor.

  According to such a configuration, it is possible to determine whether the terminal 4 or the user is a regular access from within the service area 8 based on the position information of the terminal 4. Since it is not necessary to register the terminal 4 and the user in advance, even if a new computer device is newly introduced or a computer device is temporarily brought in and used, the administrator can register and delete the device. Don't bother your hands. As a result, it is possible to realize a network configuration with a high security level without impairing the high degree of freedom of the wireless LAN.

  FIG. 2 is an explanatory diagram of a position detection method using a distance sensor as an example of LPS.

  The LPS is a system including a device (hereinafter referred to as “beacon”) that transmits electromagnetic waves, infrared rays, ultrasonic waves, and the like, and a plurality of sensors arranged at different positions. A relative position with each sensor is calculated by calculation from information acquired by each sensor (for example, a distance between the sensor and the beacon). In principle, it is the same as GPS (Global Positioning System) applied to car navigation systems and the like.

  As shown in FIG. 2, here, the three distance sensors 21a to 21c are arranged at different positions. The signals transmitted from the beacon 20 are detected by the distance sensors 21a to 21c, and the distances between the beacon 20 and the distance sensors 21a to 21c are obtained based on the detected signals. In FIG. 13, the distance between the beacon 20 and the distance sensor 21a is α, and it can be seen that the beacon 20 exists at any position on the circumference of a circle 22a having a radius α centered on the distance sensor 21a. Similarly, the distance between the beacon 20 and the distance sensor 21b is β, and it can be seen that the beacon 20 exists at any position on the circumference of a circle 22b having a radius β centered on the distance sensor 21b. It can also be seen that the distance between the beacon 20 and the distance sensor 21c is γ, and the beacon 20 exists at any position on the circumference of a circle 22c having a radius γ centered on the distance sensor 21c. Since the positions of the distance sensors 21a to 21c are known in advance, the position of the beacon 20 can be calculated as the position of the intersection of the circle 22a, the circle 22b, and the circle 22c.

  FIG. 3 is a flowchart of processing from when a connection request is issued from the terminal 4 to the access point 3 until the communication 10 is established in the network system 1 according to the first embodiment of the present invention. FIG. 4 is a schematic explanatory diagram of this processing outline, and shows a case where the terminal 4 is in the service area 8. FIG. 5 is a schematic explanatory diagram of this processing outline, and shows a case where the terminal 4 is outside the service area 8. FIG. 6 is an example of the location management list L1 of the location management server 6 in the network system 1. FIG. 7 is an example of the terminal management list L2 of the access point 3 in the network system 1.

  As shown in FIGS. 3, 4, and 5, first, a wireless communication channel is established between the terminal 4 and the access point 3 (step S301). Next, an authentication request is sent from the terminal 4 (step S302). This authentication request includes the public key K2 of the terminal 4 that issues the request. The access point 3 transmits a location confirmation request including the received public key K2 to the location management server 6 (step S303).

  The location management server 6 searches the location management list L1 (see FIG. 6) for the requested public key K2, and determines whether or not the corresponding terminal 4 is in the service area 8 (see FIG. 1) (step S304). ). If it is within the service area 8, the process proceeds to step S306. If it is outside the service area, the process proceeds to step S305. Here, the location management server 6 obtains location information of each terminal 4 at regular time intervals, determines inside / outside of the service area 8 according to the location information of the service area 8 registered in advance, and obtains the result. It is assumed that it is reflected in the location management list L1 as needed.

  If the terminal 4 requested to confirm the location is not in the service area 8 (see FIG. 5), the location management server 6 sends back a warning signal notifying that the terminal 4 is outside the service area 8 to the access point 3, The access point 3 that has received the warning signal similarly issues a warning outside the service area 8 to the terminal 4 (step S305), and then ends the process. Therefore, since the common key K1 cannot be received on the terminal 4 side, the communication 10 cannot be started.

  When the terminal 4 requested to confirm the position is in the service area 8 (see FIG. 4), the position management server 6 accesses the common key seed (random number seed used when generating the encryption key). Transmit to point 3 (step S306). At this time, the location management server 6 may only transmit a signal indicating that the terminal 4 is in the service area 8.

  The access point 3 generates a common key K1 corresponding to the terminal 4 that has requested connection based on the type of the received encryption key (step S307). Further, the common key K1, the public key K2, the time when the authentication is performed, and the IP address of the terminal are set and stored in the terminal management list L2 (see FIG. 7). Then, after encrypting the common key K1 by the public key cryptosystem (step S308), the encrypted common key K1 is distributed to the terminal 4 (step S309).

  The terminal 4 that has received the common key K1 decrypts it using the secret key K3 (step S310). The terminal 4 performs communication 10 with the access point 3 using the decrypted common key K1.

  As described above, communication 10 between the terminal 4 and the wired network 7 is established via the access point 3 only when the terminal 4 is in the service area 8.

  FIG. 8 is a flowchart of redistribution processing of the common key K1 in the network system 1 according to the first embodiment of the present invention. FIG. 9 is a schematic explanatory diagram of this processing outline, and shows a case where the terminal 4 is in the service area 8. FIG. 10 is a schematic explanatory diagram of this processing outline, and shows a case where the terminal 4 has moved from the service area 8 to the outside of the service area.

  As shown in FIG. 8, FIG. 9, and FIG. 10, even when the communication 10 between the terminal 4 and the wired network 7 is established via the access point 3, the access point 3 has a terminal management list every predetermined time. Confirm L2 (see FIG. 7). At that time, the presence / absence of the terminal 4 that has passed a predetermined time or more from the previous authentication is confirmed (step S801). If there is such a terminal 4, the process proceeds to step S802, and if there is no such terminal 4, the process is terminated.

  If there is a terminal 4 that has passed a predetermined time or more from the previous authentication, the access point 3 notifies the terminal 4 that the position reconfirmation process is started (step S802). The terminal 4 that has received the start of the position reconfirmation process enters a standby state. Further, the access point 3 transmits a location confirmation request for the terminal 4 to the location management server 6 (step S803). This request includes the public key K2 of the corresponding terminal 4.

  The location management server 6 searches the location management list L1 (see FIG. 6) for the received public key K2 to determine whether the corresponding terminal 4 is in the service area 8 (see FIG. 1). (Step S804). If it is within the service area 8, the process proceeds to step S806, and if not, the process proceeds to step S805. Here, the location management server 6 acquires the location information of each terminal 4 at a fixed time interval, determines the inside / outside of the service area 8 according to the location information of the service area 8 registered in advance, It is assumed that the result is reflected in the position management list L1 as needed.

  When the corresponding terminal 4 is in the service area 8 (see FIG. 9), the location management server 6 transmits the common key seed to the access point 3 (step S806). At this time, the location management server 6 may only transmit a signal indicating that the terminal 4 is in the service area 8. The access point 3 newly generates a common key K11 corresponding to the requesting terminal 4 based on the received seed (step S807). Further, the common key K11 and the authentication execution time are updated for the corresponding terminal 4 in the terminal management list L2. Further, after encrypting the new common key K11 by the public key cryptosystem (step S808), the encrypted new common key K11 is redistributed to the terminal 4 (step S809). The terminal 4 that has received the new common key K11 decrypts it with the secret key K3 (step S810) and restarts the communication 10.

  When the corresponding terminal 4 is not in the service area 8 (see FIG. 10. When the previous position confirmation is in the service area 8 and then goes out of the service area 8), the location management server 6 4 sends back to the access point 3 a warning signal notifying that 4 is outside the service area 8, and the access point 3 receiving the warning signal similarly issues a warning outside the service area 8 to the terminal 4 (step S805). After that, the process ends. Therefore, the communication 4 cannot be resumed on the terminal 4 side because the new common key K11 cannot be received.

  As described above, the new common key K11 is redistributed only when the terminal 4 is in the service area 8.

  FIG. 11 shows a case where unauthorized access (spoofing) is attempted from the terminal 4a outside the service area 8 in the network system 1 according to the first embodiment of the present invention.

  According to the authentication and the common key distribution method as described above, the public key of the terminal 4 recognized by the position detection sensor 5 (see FIG. 1) in the service area 8 (see FIG. 1) for unauthorized access. Both K2 and the private key K3 (see FIG. 9) paired with the public key K2 are required.

  For example, as shown in FIG. 11, in the case where authentication is requested using the public key K2 of the terminal 4 in the service area 8 in order to gain unauthorized access from the terminal 4a outside the service area 8, the location management server 6 Is mistaken for the legitimate terminal 4 in the service area 8, and the encrypted common key K1 is distributed to the unauthorized terminal 4a outside the service area 8. That is, steps S301 to S309 (excluding step S305) are executed in order (similar to the description with reference to FIGS. 3 and 4).

  However, since the unauthorized terminal 4a outside the service area 8 does not have the regular secret key K3, the decryption process of the common key K1 encrypted with the public key K2 distributed from the access point 3 fails (step S1). S1101). Therefore, the communication 10 cannot be established (step S1102).

  Further, if the secret key K3 is integrated with the communication module by writing it into a ROM (Read Only Memory) of the communication module, the secret key K3 will not be leaked unless the communication module is stolen. Even if a communication module is stolen, unauthorized access can be blocked unless the communication module is in the service area 8. Furthermore, when an attempt is made to illegally read out the secret key K3 in the communication module, the security level can be further increased by combining mechanisms that cause the secret key information to volatilize.

  FIG. 12 is a block diagram of a configuration example of the communication module 9 included in the terminal 4 in the network system 1 according to the first embodiment of the present invention.

  As shown in FIG. 12, the signal received by the signal transmitting / receiving unit 901 via the antenna 900a is discriminated by the received signal discriminating unit 902 and sent to an appropriate processing unit.

  When the received signal is the common key K1 (see FIG. 4) encrypted with the public key K2 (see FIG. 4), the secret key K3 (recorded in the secret key storage unit 904 in the public key decryption processing unit 903). 4) and is stored in the common key storage unit 907.

  On the other hand, if the received signal is a signal encrypted with the common key K1, it is sent to the common key encryption processing unit 906 and decrypted using the common key K1 recorded in the common key storage unit 907. . The decrypted plaintext signal is sent to the terminal 4 (see FIG. 1) through the external connection unit 910.

  Conversely, a signal sent from the terminal 4 is sent from the external connection unit 910 to the common key encryption processing unit 906, encrypted using the common key K 1 in the common key storage unit 907, and sent to the transmission control unit 905. Sent. The signal is modulated from the transmission control unit 905 to the radio signal via the signal transmission / reception unit 901 and transmitted to the access point 3 (see FIG. 1).

  In the case of connection request transmission, the transmission control unit 905 generates a connection request signal including the public key K2 stored in the public key storage unit 908, passes through the signal transmission / reception unit 901, and further passes through the antenna 900a to access point. 3 is transmitted.

  Further, in order to acquire the position information of the communication module 9 by the position detection sensor 5 (see FIG. 1), a signal is periodically transmitted from the beacon 909 via the antenna 900b. This signal includes public key information recorded in the public key storage unit 908. Here, the beacon 909 is assumed to be a device that transmits a radio signal, but the beacon 909 may be a device that transmits a signal by infrared rays or a device that transmits an ultrasonic wave.

  FIG. 13 is a block diagram of a configuration example of the access point 3 in the network system 1 according to the first embodiment of the present invention.

  As shown in FIG. 13, the signal received by the signal transmission / reception unit 31 via the antenna 30 is determined by the reception signal determination unit 32 and sent to an appropriate processing unit.

  If the received signal is a connection request signal, it is sent to the authentication processing control unit 36. The authentication processing control unit 36 separates the public key K2 (see FIG. 4) for identifying the terminal included in the signal, and transmits it by including it in the position confirmation request signal. The transmitted position confirmation request signal is transmitted to the position management server 6 (see FIG. 1) via the external connection unit 39.

  Further, the type of the common key sent from the location management server 6 is sent to the authentication processing control unit 36 through the external connection unit 39. The seed of the common key is sent from the authentication processing control unit 36 to the common key generation unit 35, and a common key K1 (see FIG. 4) is generated. The generated key is sent to the public key encryption processing unit 34 and the authentication processing control unit 36 together with the public key K2 of the target terminal 4 (see FIG. 1).

  The common key K1 sent to the authentication processing control unit 36 is recorded in the terminal management list L2 (see FIG. 7) held in the terminal management list storage unit 37 together with the public key K2. At this time, the authentication processing time is also recorded for the corresponding terminal 4 in the terminal management list L2.

  On the other hand, the common key K1 sent to the public key encryption processing unit 34 is encrypted using the public key K2 sent together. The encrypted common key K1 is transmitted from the transmission control unit 33 to the signal transmission / reception unit 31, modulated into a radio signal, and transmitted to the terminal 4 via the antenna 30.

  If the received signal is a signal encrypted with the common key K 1, the signal is sent from the received signal determination unit 32 to the common key encryption processing unit 38. The common key encryption processing unit 38 searches the terminal management list L2 held in the terminal management list storage unit 37 using the public key K2 of the terminal 4 included in the signal, and acquires the corresponding common key K1. The cipher is decrypted using the acquired common key K1, and the decrypted plaintext signal is sent to the network server 2 (see FIG. 1) via the external connection unit 39.

  On the other hand, a signal sent from the network server 2 to the terminal 4 is sent to the common key encryption processing unit 38 through the external connection unit 39. The common key encryption processing unit 38 searches the terminal management list L2 held in the terminal management list storage unit 37 using the IP address, and acquires the corresponding common key K1. The common key encryption processing unit 38 encrypts the signal transmitted using the acquired common key K1. The encrypted signal passes through the transmission control unit 33, is modulated into a radio signal by the signal transmission / reception unit 31, and is transmitted to the terminal 4 via the antenna 30.

  In the above description of the first embodiment, the position management server 6, the network server 2, the position detection sensor 5, and the like exist independently and are respectively connected to the outside of the access point 3. It is not limited to a simple configuration. For example, the location management server 6 may be built in the access point 3. When there are a plurality of position detection sensors 5, one of them may be built in the access point 3. When the position detection sensor 5 is only one distance sensor, this distance sensor may be built in the access point 3.

Second Embodiment
The present invention is not limited to an embodiment in which each component is realized by a dedicated device. The access control method in the network system of the first embodiment described above can also be realized by causing a computer to execute an access control program that executes the access control method described above, which is the second embodiment.

  Here, examples of the computer include a one-chip microcomputer suitable for incorporation into an electronic device, but are not limited thereto. A more general purpose computer device may be used.

  According to such a configuration, if there is a computer that can execute the access control program, an access point device that can execute the access control method of the present invention, and a network system including such an access point device are developed and manufactured. Becomes easier. Since a general-purpose one-chip microcomputer can be used as an electronic component, it can contribute to cost reduction and downsizing of an access point device.

<Third Embodiment>
The access control program as in the second embodiment may be recorded on a computer-readable recording medium, and this is the third embodiment.

  The recording medium may itself be a program medium such as a memory such as a ROM, or a computer reading device provided as an external storage device in an access point device or the like, and a storage medium such as a CD A program medium that can be read by inserting a ROM, a DVD-ROM, or the like may be used.

  In either case, the recorded program may be configured to be accessed and executed by the microprocessor. Alternatively, a method may be used in which a program is first read out, the read program is loaded into a computer program storage area, and the program is executed. This loading program is assumed to be built in beforehand.

  Here, the program medium is a recording medium configured to be separable from the main body, and is a tape system such as a magnetic tape or a cassette tape, a magnetic disk system such as an FD (flexible disk) or HD (hard disk), or a CD-ROM. Supports fixed programs including optical disks such as / MO / MD / DVD, card systems such as IC card / memory card / optical card, or semiconductor memory such as mask ROM / EPROM / EEPROM / flash ROM It may be a medium.

  Thereby, it becomes easy to implement the access control method of the present invention in various places and environments, and the versatility of the access control method of the present invention can be enhanced.

  In the present invention, in the case of a system configuration that can be connected to a communication network including the Internet, a medium that fluidly carries the program so as to download the program from the communication network may be used. When the program is downloaded from the communication network as described above, the download program may be installed in advance or may be installed from another recording medium. The content recorded on the recording medium is not limited to a program, and may be data.

  Thereby, it becomes easy to implement the access control method of the present invention in various places and environments without the need for a physical recording medium, and the versatility of the access control method of the present invention can be further enhanced.

  The present invention can be implemented in various other forms without departing from the spirit or main features thereof. Therefore, the above-mentioned embodiment is only a mere illustration in all points, and should not be interpreted limitedly. The scope of the present invention is indicated by the claims, and is not restricted by the text of the specification. Further, all modifications and changes belonging to the equivalent scope of the claims are within the scope of the present invention.

1 is a schematic configuration diagram of a network system according to a first embodiment of the present invention. It is explanatory drawing of the position detection method by a distance sensor as an example of LPS. 4 is a flowchart of processing from when a connection request is issued from a terminal to an access point until communication is established in the network system according to the first embodiment of the present invention. In the network system which concerns on 1st Embodiment of this invention, it is typical explanatory drawing of the process outline | summary when a connection request | requirement is issued from a terminal to an access point, and the case where a terminal exists in a service area is shown. In the network system which concerns on 1st Embodiment of this invention, it is typical explanatory drawing of the process outline | summary when a connection request | requirement is issued from a terminal to an access point, and shows the case where a terminal is outside a service area. It is an example of the position management list | wrist of the position management server in the network system which concerns on 1st Embodiment of this invention. It is an example of the terminal management list | wrist of the access point in the network system which concerns on 1st Embodiment of this invention. It is a flowchart of the redistribution process of the common key in the network system which concerns on 1st Embodiment of this invention. It is a typical explanatory view of a redistribution process outline of a common key in the network system concerning a 1st embodiment of the present invention, and shows a case where a terminal is in a service area. It is a typical explanatory view of the redistribution process of the common key in the network system according to the first embodiment of the present invention, and shows a case where the terminal has moved out of the service area. It is a typical explanatory view of the redistribution process outline of the common key in the network system according to the first embodiment of the present invention, and shows a case where unauthorized access (spoofing) is attempted from a terminal outside the service area. It is a block diagram of the structural example of the communication module which the terminal in the network system which concerns on 1st Embodiment of this invention has. It is a block diagram of the example of a structure of the access point in the network system which concerns on 1st Embodiment of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Network system 2 Network server 3 Access point 4 Terminal 4a Unauthorized terminal 5 Position detection sensor 6 Position management server 7 Wired network (LAN or WAN)
8 Service area 9 Communication module 10 Communication (wireless)
20 Beacon 21a, 21b, 21c Distance sensor 30 Antenna 31 Signal transmission / reception unit 32 Reception signal discrimination unit 33 Transmission control unit 34 Public key encryption processing unit 35 Common key generation unit 36 Authentication processing control unit 37 Terminal management list storage unit 38 Common key encryption Processing unit 39 External connection unit 900a, 900b Antenna 901 Signal transmission / reception unit 902 Reception signal determination unit 903 Public key decryption processing unit 904 Private key storage unit 905 Transmission control unit 906 Common key encryption processing unit 907 Common key storage unit 908 Public key storage unit 909 Beacon 910 External connection unit K1 Common key K11 Common key (during redistribution)
K2 public key (terminal)
K3 secret key (terminal)
L1 Location management list L2 Terminal management list

Claims (27)

In a network system for wirelessly connecting a terminal to a network via an access point device,
A position detector that detects position information of each terminal;
A location information management device that manages location information of each terminal detected by the location detector;
A network system, wherein the access point device controls connection of each terminal to the network based on location information of each terminal managed by the location information management device. The network system according to claim 1,
Based on the location information of each terminal managed by the location information management device, each terminal determined to exist within a predetermined area is permitted to connect to the network and is determined to exist outside the predetermined area. A network system characterized in that connection to the network is prohibited for each terminal that has been made. The network system according to claim 1 or 2,
A network system, wherein the access point device and each terminal each have encryption communication means. The network system according to claim 3,
The access point device transmits different encryption key information for each terminal to each terminal, updates the encryption key information every predetermined time, and retransmits to each terminal,
A network system, wherein the access point device controls retransmission of the updated encryption key information to each terminal based on location information of each terminal managed by the location information management device. The network system according to claim 4, wherein
Based on the location information of each terminal managed by the location information management device, each terminal determined to exist within the predetermined area is allowed to retransmit the updated encryption key information, and is out of the predetermined area. A network system characterized by prohibiting re-transmission of the updated encryption key information for each terminal determined to exist in the network. The network system according to any one of claims 1 to 5,
A network system comprising a plurality of the position detectors. The network system according to any one of claims 1 to 5,
A network system, wherein there is only one position detector. The network system according to claim 6 or 7,
The network system, wherein the position detector is a distance sensor that measures a distance to each terminal. The network system according to any one of claims 1 to 5,
The network system, wherein the access point device incorporates the location information management device. The network system according to claim 9, wherein
The network system, wherein the access point device incorporates the position detector. The network system according to any one of claims 1 to 5,
A network system characterized in that each terminal has a transmitter for transmitting a signal for position detection by the position detector. The network system according to claim 11, wherein
The network system, wherein the transmitter periodically transmits a signal at a predetermined time interval. The network system according to claim 11 or 12,
The network system characterized in that the transmitter transmits a signal by radio waves. The network system according to claim 11 or 12,
The network system characterized in that the transmitter transmits a signal by infrared rays. The network system according to any one of claims 11 to 14,
The network system, wherein the signal includes identification information unique to each terminal. The network system according to claim 15, wherein
The network system characterized in that the identification information is a public key of a public key cryptosystem.   The access point apparatus in the network system of any one of Claims 1 thru | or 16. A communication module for a terminal used in each terminal in the network system according to any one of claims 1 to 10,
A terminal communication module comprising a transmitter for transmitting a signal for position detection by the position detector. The communication module for terminals according to claim 18,
The terminal communication module, wherein the transmitter periodically transmits a signal at a predetermined time interval. The terminal communication module according to claim 18 or 19,
The communication module for terminals, wherein the transmitter transmits a signal by radio waves. The terminal communication module according to claim 18 or 19,
The terminal communication module, wherein the transmitter transmits a signal by infrared rays. The communication module for terminals according to any one of claims 18 to 21,
The network system, wherein the signal includes identification information unique to each terminal communication module. The communication module for terminals according to claim 22,
The network system characterized in that the identification information is a public key of a public key cryptosystem. An access control method in a network system for wirelessly connecting a terminal to a network via an access point device,
A determination step of detecting the position of each terminal and determining whether or not it exists within a predetermined area;
An access control method comprising: an access permission step for permitting access to the network only for a terminal determined to exist within the predetermined area. The access control method according to claim 24, wherein
In the determining step, the position of a terminal having a unique public key is detected to determine whether or not the terminal exists in the predetermined area,
The access permission step includes:
A common key generating step for generating a common key for communication with the terminal determined to exist in the predetermined area;
An encryption step of encrypting the common key with the public key unique to the terminal;
A common key transmission step of transmitting the common key encrypted in the encryption step;
An access control method comprising: a communication step of performing encrypted communication with the terminal using the common key transmitted in the common key transmission step.   An access control method program for causing a computer to execute the access control method according to claim 24 or 25.   27. A computer-readable recording medium on which the access control method program according to claim 26 is recorded.

Images